Spring Cloud Config cannot clone private bitbucket repository using ssh key

Tarek picture Tarek · Oct 10, 2016 · Viewed 7.3k times · Source

I am on Linux (arch), trying to configure Spring Cloud Config following this tutorial with a private bitbucket git repository using an ssh key, but I keep getting the error:

Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception
[Request processing failed; nested exception is java.lang.IllegalStateException: Cannot
clone or checkout repository] with root cause com.jcraft.jsch.JSchException: Auth fail

Now, according to the tutorial, it should work:

If you don’t use HTTPS and user credentials, SSH should also work out of the box when you store keys in the default directories (~/.ssh) and the uri points to an SSH location, e.g. "[email protected]:configuration/cloud-configuration". It is important that all keys in ~/.ssh/known_hosts are in "ssh-rsa" format. The new "ecdsa-sha2-nistp256" format is NOT supported. The repository is accessed using JGit, so any documentation you find on that should be applicable. HTTPS proxy settings can be set in ~/.git/config or in the same way as for any other JVM process via system properties (-Dhttps.proxyHost and -Dhttps.proxyPort).

I do have a private ssh key in the ~/.ssh folder named bitbucket-rsa, created using the command ssh-keygen -t rsa -b 4096 -C "[email protected]". The public key was added to Bitbucket correctly, as I am able to clone, pull and push from the repository from the command line without a hitch. The private key has been added to the ssh-agent and bitbucket.org is present in the known_hosts file.

Here's the bootstrap.yml in the config-service project:

spring:
  application:
    name: config-service
  cloud:
    config:
      server:
        git:
          uri: "[email protected]:TarekSaid/my-private-repo.git"
server:
  port: 8888

Using https with a username and password works, but I still prefer using ssh keys, how can I make it work?

Answer

Tarek picture Tarek · Oct 12, 2016

Finally made it work!

this question: How to use a custom ssh key location with Spring Cloud Config pointed me in the right direction. I debugged the JschConfigSessionFactory class and found out that when the username and password are not provided it fetches configuration from the default config file in ~/.ssh/config.

Therefore, all I had to do was add the following to my ~/.ssh/config file:

~/.ssh/config

Host bitbucket.org
  User TarekSaid
  Hostname bitbucket.org
  PreferredAuthentications publickey
  IdentitiesOnly yes
  IdentityFile ~/.ssh/bitbucket_rsa

Now it's working.